Use lambda spring security config style
joshiste committed Jan 12, 2020
1 parent 6e64eb7 commit c8f2793
Showing 8 changed files with 153 additions and 161 deletions.
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2019 the original author or authors.
* Copyright 2014-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -22,6 +22,7 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
Expand Down Expand Up @@ -53,12 +54,14 @@ public SecurityPermitAllConfig(AdminServerProperties adminServerProperties) {

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll().and().csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**"));
http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances",
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
}

}
Expand All @@ -75,27 +78,24 @@ public SecuritySecureConfig(AdminServerProperties adminServerProperties) {

@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminContextPath + "/");

http.authorizeRequests()
.antMatchers(this.adminContextPath + "/assets/**").permitAll()
.antMatchers(this.adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(this.adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(this.adminContextPath + "/logout").and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*", HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")
);
// @formatter:on
http.authorizeRequests((authorizeRequests) -> authorizeRequests
.antMatchers(this.adminContextPath + "/assets/**").permitAll()
.antMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
.successHandler(successHandler))
.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))
.httpBasic(Customizer.withDefaults())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances",
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
}

}
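Review bot: The CSRF exemption for `this.adminContextPath + "/actuator/**"` in `SecuritySecureConfig.configure` matches every HTTP method, and the rewritten `csrf(...)` customizer carries it over without a comment, so nothing here explains why state-changing actuator calls made from a logged-in browser session are accepted without a token. The two `/instances` matchers are each limited to a single method; the actuator matcher is not. If the exemption exists for non-browser clients (presumably the registering applications), a comment above `ignoringRequestMatchers` such as `// no CSRF token required: these paths are called by non-browser clients` would record that, and if only some methods need it the method can be passed to `AntPathRequestMatcher` as the `/instances` matchers do. The same matcher list appears in `SecurityPermitAllConfig` above and in the other servlet sample files on this page.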
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2019 the original author or authors.
* Copyright 2014-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -22,6 +22,7 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
Expand Down Expand Up @@ -53,12 +54,15 @@ public SecurityPermitAllConfig(AdminServerProperties adminServerProperties) {

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll().and().csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**"));
http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances",
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));

}

}
Expand All @@ -75,27 +79,24 @@ public SecuritySecureConfig(AdminServerProperties adminServerProperties) {

@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminContextPath + "/");

http.authorizeRequests()
.antMatchers(this.adminContextPath + "/assets/**").permitAll()
.antMatchers(this.adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(this.adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(this.adminContextPath + "/logout").and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*", HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")
);
// @formatter:on
http.authorizeRequests((authorizeRequests) -> authorizeRequests
.antMatchers(this.adminContextPath + "/assets/**").permitAll()
.antMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
.successHandler(successHandler))
.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))
.httpBasic(Customizer.withDefaults())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminContextPath + "/instances",
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
}

}
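Review bot: With the `// @formatter:off` guard gone, the catch-all `.anyRequest().authenticated()` in `SecuritySecureConfig.configure` now trails on the same line as the `/login` permit rule, which makes the default rule easy to overlook when someone later adds a matcher. Request matchers are evaluated in declaration order, so one rule per line is worth keeping: `.antMatchers(this.adminContextPath + "/login").permitAll()` followed by `.anyRequest().authenticated())` on its own line, with the formatter guard kept around the chain if the formatter would otherwise fold it again. The same folding appears in the first and third file sections on this page. The permit-all `configure` in this file also appears to gain a stray blank line before its closing brace.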
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2019 the original author or authors.
* Copyright 2014-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -31,6 +31,7 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
Expand Down Expand Up @@ -106,13 +107,14 @@ public SecurityPermitAllConfig(AdminServerProperties adminServer) {

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll().and().csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**")));
http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"),
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
}

}
Expand All @@ -129,28 +131,24 @@ public SecuritySecureConfig(AdminServerProperties adminServer) {

@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

http.authorizeRequests()
.antMatchers(this.adminServer.path("/assets/**")).permitAll()
.antMatchers(this.adminServer.path("/login")).permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(this.adminServer.path("/login")).successHandler(successHandler).and()
.logout().logoutUrl(this.adminServer.path("/logout")).and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))
);
// @formatter:on
http.authorizeRequests((authorizeRequests) -> authorizeRequests
.antMatchers(this.adminServer.path("/assets/**")).permitAll()
.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
.successHandler(successHandler))
.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
.httpBasic(Customizer.withDefaults())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"),
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
}

}
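Review bot: `csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())` is called twice in a row inside both new `csrf(...)` customizers of this file (the permit-all and the secure `configure`); the second call only replaces the first with an equivalent repository. The duplicate looks like it was already present in the old chain and was carried across, so this rewrite is a good place to drop it: `.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(`. The other sample files on this page set the repository once.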
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2019 the original author or authors.
* Copyright 2014-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -21,6 +21,7 @@
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

Expand All @@ -47,26 +48,20 @@ public static void main(String[] args) {
@Bean
@Profile("insecure")
public SecurityWebFilterChain securityWebFilterChainPermitAll(ServerHttpSecurity http) {
return http.authorizeExchange().anyExchange().permitAll()//
.and().csrf().disable()//
.build();
return http.authorizeExchange((authorizeExchange) -> authorizeExchange.anyExchange().permitAll())
.csrf(ServerHttpSecurity.CsrfSpec::disable).build();
}

@Bean
@Profile("secure")
public SecurityWebFilterChain securityWebFilterChainSecure(ServerHttpSecurity http) {
// @formatter:off
return http.authorizeExchange()
.pathMatchers(this.adminServer.path("/assets/**")).permitAll()
.pathMatchers(this.adminServer.path("/login")).permitAll()
.anyExchange().authenticated()
.and()
.formLogin().loginPage(this.adminServer.path("/login")).and()
.logout().logoutUrl(this.adminServer.path("/logout")).and()
.httpBasic().and()
.csrf().disable()
.build();
// @formatter:on
return http
.authorizeExchange((authorizeExchange) -> authorizeExchange
.pathMatchers(this.adminServer.path("/assets/**")).permitAll()
.pathMatchers(this.adminServer.path("/login")).permitAll().anyExchange().authenticated())
.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login")))
.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
.httpBasic(Customizer.withDefaults()).csrf(ServerHttpSecurity.CsrfSpec::disable).build();
}

@Bean
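Review bot: `securityWebFilterChainSecure` enables `formLogin` and `httpBasic` but ends with `.csrf(ServerHttpSecurity.CsrfSpec::disable)`, so the profile named "secure" accepts state-changing requests from an authenticated browser session without a CSRF token. The servlet samples in this commit keep CSRF on with a cookie token repository and exempt only the registration and actuator paths; the reactive sample gives no reason for the difference. If it is deliberate, say so next to the call, e.g. `// CSRF is disabled in this sample; enable it with a cookie-based token repository before relying on form login`, otherwise configure a token repository here as the servlet samples do. The last line of the chain also packs `httpBasic`, `csrf` and `build()` together, which hides the disable call from a quick read.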
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2019 the original author or authors.
* Copyright 2014-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -38,11 +38,11 @@ public SecurityPermitAllConfig(AdminServerProperties adminServer) {

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll().and().csrf()
http.authorizeRequests((authorizeRequest) -> authorizeRequest.anyRequest().permitAll()).csrf((csrf) -> csrf
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**")));
new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
}

}
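Review bot: The lambda parameter in the new `authorizeRequests` call is named `authorizeRequest`, while the other files in this commit use `authorizeRequests`, and the `csrf((csrf) -> csrf` customizer starts at the end of the same line. Renaming the parameter and breaking the line before `.csrf(` would keep the samples uniform and make the CSRF exemptions easier to find: `http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())`.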
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2019 the original author or authors.
* Copyright 2014-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -21,6 +21,7 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
Expand All @@ -43,29 +44,25 @@ public SecuritySecureConfig(AdminServerProperties adminServer) {

@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminServer.path("/"));

http.authorizeRequests()
.antMatchers(this.adminServer.path("/assets/**")).permitAll() // <1>
.antMatchers(this.adminServer.path("/login")).permitAll()
.anyRequest().authenticated() // <2>
.and()
.formLogin().loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() // <3>
.logout().logoutUrl(this.adminServer.path("/logout")).and()
.httpBasic().and() // <4>
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) // <5>
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()), // <6>
new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()), // <6>
new AntPathRequestMatcher(this.adminServer.path("/actuator/**")) // <7>
)
.and()
.rememberMe().key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600);
// @formatter:on
http.authorizeRequests(
(authorizeRequests) -> authorizeRequests.antMatchers(this.adminServer.path("/assets/**")).permitAll() // <1>
.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated() // <2>
).formLogin(
(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() // <3>
).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults()) // <4>
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) // <5>
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"),
HttpMethod.POST.toString()), // <6>
new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
HttpMethod.DELETE.toString()), // <6>
new AntPathRequestMatcher(this.adminServer.path("/actuator/**")) // <7>
))
.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
}

// Required to provide UserDetailsService for "remember functionality"
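Review bot: The `formLogin` customizer still ends in `.and()` (`...successHandler(successHandler).and() // <3>`); inside a lambda the returned builder is discarded, so the call is a leftover from the chained style and should go: `(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler) // <3>`. The reflow also moves the callout markers: `// <2>` now sits on a line that also holds the `/login` permit rule, and `// <4>` on a line that holds both `logout` and `httpBasic`, so any text keyed to those numbers no longer points at a single call. Separately, `rememberMe.key(UUID.randomUUID().toString())` generates a new key on every start, which presumably invalidates remember-me cookies after a restart and across instances; a short comment stating that this is intended for the sample would help.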